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the page header (as per 37 CFR 1 .84(c)) so as not to obstruct any portion of the 
drawing figures, if the changes are not accepted by the examiner, the applicant will be 
notified and informed of any required corrective action in the next Office action. The 
objection to the drawings will not be held in abeyance. 

Specification 

4. The abstract of the disclosure is objected to because it contains more than 1 50 
words and one paragraph. Correction is required. See MPEP § 608.0Kb). 

5. The disclosure is objected to because of the following informalities: 

a. The phrase "request to certify a public key derived from a pair of asymmetric 
keys, a public key Kp and a private key Ks" (specification page 2, lines 22-23; page 7, 
lines 9-10). The public key sent to the CA to be certified (page 3, lines 12-13) is not 
defied from an asymmetric key pain it is the public key Kp of the asymmetric key pair. 

b. There is no brief description for figure 4c. 
Appropriate correction is required. 



Claim Objections 

Claims 7 and 12 are objected to because of the following informalities: 
Regarding claim 7, the phrase "verifying the usage of public keys derived from a 



6. 
a. 



set of asymmetric keys, a public key Kp and private key Ks" in the preamble 

lines). The public key sent to the CA to be verified (25»-27* lines) is not derived from 
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OOTO c li o„ i s req u ir e d .T h e phra se i s«e d as^n fl t h e U sa a eo f .epu bl ,c 

key of an asy— Key pa,, a public key Kp and a private Key Ks". 

„ , m 7 the phrase "by an on-board system and stored in the storage 
b Regarding claim 7, the phrase ay «» 

, tem ^iV (3 rd -4 th lines). Since the key pair is generated by and 
area of an on-board system (Si) (3 « " ne > 

stored on the same on-board system, the phrase is interpreted as "by an on-board 

svstem (Si, and stored in the storage area of said on-board system (Si>". 

e Regarding Cairn 7, the phrase -publishing said mother private Key (KpM) (17 

llne) it shouid be changed to "pushing satf mother pubiic Key (KpM)". 

d ' R egardingc l a, m12 /saidsignatureo f acer, ffl c a tionre q uesn l 4- 15 iines) 

should be changed to "said signature of the certification request" 

Claim Rejections ■ 35 USC §112 

7 Thefollowingisaquotationofthef,rstparagraphof35U.S.C. 1 12 : 

8 cairns 7-12 are rejected under 35 U.S.C. 112. tlrst paragraph, as failing to 

comply with the enabiement requirement. The d aim(s, contains subiect matter which 
wasn o,deschbedin.hespeci fl ca,ioninsuchawayas,oenableonesKil,edin*eartto 

whi ch R pertains, or with which 1 is most neany connected, to maKe and/or use the 

invention. 



Pacje 5 

Application/Control Number: 09/673,137 
Art Unit: 2132 

a. Regarding claims 7 and 12, both claim contain the feature of calculating a 
diversified private key from a mother private key and a serial/identification number 
(claim 7: lines 20-22; claim 12: lines 5-8). According to the specification, the key 
diversification process implemented in step 1003, as represented in Fig. 3, can thus 
consist in a process supported by an algorithm known as a Zero Knowledge Signature 
Mechanism and the algorithms known by the names FIAT-SHAMIR or GUILLOU 
QUISQUATER that are usable for this purpose (lines 9-12) and a diversified private key 
is considered to have been obtained by implementing processes supported by the FIAT- 
SHAMIR algorithm F-S or the GUILLOU-QUISQUATER algorithm G-Q (lines 13-14). 
However, the specification fails to convey enough information to enable one skilled in 
the art to implement the key diversification process using the above-mentioned 
algorithms. Thus, the disclosure fails to enable one skilled in the art to make and use 
the claimed invention. 

b. Claims 8-1 1 are rejected on the same basis as claim 7 recited in paragraph 8a by 
virtue of their dependencies. 

9. The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
Sg the subject matter which the applicant regards as h.s invention. 

10. Claims 7-1 1 is rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 
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a. Regarding claim 7. it recites the .imitation "the request" in line 8». There is 
insufficient antecedent basis for this limitation in the claim. 

b Regarding Calm 7, there is no indication o, what value CM is (26" line, in the 
claim. The value is interpreted as an algorithm that me public key is generated to use 
with (specification, p. 2, lines 23-24). 

c . Claims 6.1 1 are reiected on the same basis as claim 7 recited in paragraphs 
10a-10b by virtue of their dependencies. 

Claim Rejections - 35 USC § 103 
1 1 Claims 7-8 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Matyas et al. (5,164,988) over Pauschinger (6,041,704), Austin (4.944,007) and Yuva, 
etal. (5,586,186). 

a Regarding claim 7, Matyas discloses a method for verifying the usage of the 
public key of an asymmetric key pair, a public key (PUMa) and private key (PRAa) 
generated for a given use, such as encryption/decryption or digital signature 
verification/generation, by an on-board system and stored in the storage area of the on- 
board system (col. 5, lines 26-36; col. 19, line 56 - col. 20. line 4) equipped with 
cryptographic calculation means and externally accessible read/wnte-protected means 
for storing digital data «. 3), said digital data comprising a, leas, a device ID for 
identifying the on-board system (tig. 4, element 1 19), a request being formulated by 
said on-board system by transmitting a request message containing said public key 
(PUMa) to a certification ( authority (CA) (fig. 7), comprising: 
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mating for said onboard system a public and private authentication keys 
(PUA a and PRAa) and storing the authenticate Keys in said storage area (col. 17. Ime 

65 -col. 18, line 15); 

fishing said public authentication Key (PUAa, and said device ,D (col. 18. 

lines 32-34); 

generating by the on-board system a certification reques, containing the pub,,c 
Key (PUMa). an aigodthm that the public Key is generated to use with, and usage 
indicators (U) of said public key (figures 6-7; coi. 5, iines 26-36); 

us ,ng said caption means and said private authentication Key associated wrth 
«. on-board system (PRAa, to oaicuiate a digHa, signature of the entire re q ues. (coi. 
16, lines 19-25); 

forming a certification request message containing the request, the identifier o, 
th eon-board system and the digita, signature ofthe request (fig. 7; coi. 1, iines 13-25); 
retrieving, from me caseation request message, the device ID of the on-board 

system (col. 21 , line 67 - col. 22, line 25); 

retrieving, from said device ID, the public authentication Key (PUAa, o, the on- 
ward system, venfying, from said public —cation Key (PUAa,, from said device 
1D of *e on-board system, and from said caseation request message received, sa,d 
di g it a, signature, and establishing the —city of said cryptographic control value 
and the source ofthis caseation reques. 5; col. 21, line 67 -co,. 22, „ne 25; fig. 



5). 
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Matyas does not disclose associating an identification code of an authorized 
operator with the on-board system. Pauschinger discloses associating a manufacture 
ID of a security device, which meets the limitation of an identification code of an 
authorized operator, with the security device (col. 7, lines 10-12; col. 8, lines 58-61). It 
wou.d have been obvious to one of ordinary skill in the art at the time the invention was 
made to modify the Matyas method to associating the on-board system with the 
manufacture ID, as taught by Pauschinger. The manufacture ID together with the 
device ID is used to retrieve the public key of the device. 

Matyas does not disclose that the private authentication key (PRAa) is a 
diversified private key. Austin discloses generating a private authentication key for a 
smart card to perform cryptographic functions, the private authentication key being a 
diversified private key (col. 3, lines 17-33; fig. 5). It wou.d have been obvious to one of 
ordinary skill in the art at the time the invention was made to modify the Matyas method 
such that the private authentication key is a diversified private key, as taught by Austin. 
The motivation for doing so would have been to verify that any member using its 
diversified private key is a legitimate member of the group (col. 3, lines 50-54). 

Matyas does not disclose that the diversified private key is generated from a 
mother private key and the device ID. Yuval discloses a method for generating mother 
public and private keys and generating a diversified private key for an entity from the 
mother private key and information unique to that entity, the diversified private key 
being used to decrypt data encrypted with the mother public key (figures 5A-5C). It 
would have been obvious to one of ordinary skill in the art at the time the invention was 
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made to modify the method of Matyas further such that the diversified private key is 
generated from a mother private key and information unique to the on-board system, as 
taught by Yuval; accordingly, the unique information being the device ID. The 
motivation for doing so would have been that software encrypted using a single 
encryption key could be decrypted using multiple decryption keys, each of which is 
unique to a particular user (col. 2, lines 64-67). 
b. Claim 8 is rejected on the same basis as claim 7. 

12. Claim 9 is rejected under 35 U.S.C. 103(a) as being unpatentable over Matyas, 
Pauschinger, Austin and Yuval as applied to claim 7 above, and further in view of 
Multerer et al. (6,134,658). Matyas, Pauschinger, Austin and Yuval do not disclose the 
steps of communicating a certification request template to said on-board system; at the 
on-board system level, verifying the format of the template and filling in missing fields of 
the certification request template. Multerer discloses automating the certification 
request process by communicating a certification request template to an entity 
requesting a certificate, verifying the format of the template and filling in missing fields of 
the certification request template by the entity (Abstract). It would have been obvious to 
one of ordinary skill in the art at the time the invention was made to modify the 
combined method of Matyas, Pauschinger, Austin and Yuval to communicate a 
certification request template to said on-board system; at the on-board system level, 
verifying the format of the template and filling in missing fields of the certification request 
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template, as taught by Multerer, in order to minimize the number of malformed 
authentication certificate requests (Abstract). 

1 3. Claim 1 0 is rejected under 35 U.S.C. 1 03(a) as being unpatentable over Matyas, 
Pauschinger, Austin and Yuval as applied to claim 7 above, and further in view of 
Menezes et al. ("Handbook of Applied Cryptography"). Matyas, Pauschinger, Austin 
and Yuval do not disclose controlling the asymmetric keys for only signature generation 
purposes. Menezes discloses controlling asymmetric keys for singing only (p. 567, 
13.32 Remark). It would have been obvious to one of ordinary skill in the art at the time 
the invention was made to modify the combined method of Matyas, Pauschinger, Austin 
and Yuval such that the asymmetric keys is controlled for singing purposes only, as 
taught by Menezes. The reason for separation is that asymmetric encryption keys and 
signature keys have different life cycle requirements and cryptographic prudence. 

14. Claim 1 1 is rejected under 35 U.S.C. 103(a) as being unpatentable over Matyas, 
Pauschinger, Austin and Yuval as applied to claim 7 above, and further in view of 
Holloway ("Controlling The Use Of Cryptographic Keys"). Matyas, Pauschinger, Austin 
and Yuval do not disclose associating, with an asymmetric key pair and with the 
asymmetric decryption process, a symmetric weak decryption process and key, the 
symmetric decryption key being encrypted, then decrypted, by means of the private 
asymmetric decryption key. Holloway discloses controlling an asymmetric key pair for 
encrypting/decrypting a symmetric key (p. 597, see Hybrid Public-Symmetric Control). 
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Holloway also disclose controlling the use of weak symmetric keys (p. 594, "The base 
control vector ... sent encrypted to another system"). It would have been obvious to one 
of ordinary skill in the art at the time the invention was made to modify the combined 
method of Matyas, Pauschinger, Austin and Yuval to control an asymmetric key pair for 
encrypting/decrypting a symmetric key, as taught by Holloway, to provide only one 
bridge between the asymmetric cryptographic system and the symmetric system. Also, 
it would have been obvious to one of ordinary skill in the art at the time the invention 
was made to modify the combined method of Matyas, Pauschinger, Austin and Yuval to 
control the use of weak symmetric keys, as taught by Holloway, for export control. 

15. Claim 12 is rejected under 35 U.S.C. 103(a) as being unpatentable over Matyas 
over Austin and Yuval. Matyas discloses: 

an on-board system comprising a card having a microprocessor, a RAM, a 
nonvolatile memory including a programmable memory and an externally accessible 
protected storage area memory, a cryptographic calculation module and an input/output 
system connected by a link of BUS type (fig. 3) 

a private authentication key (PRAa) and a corresponding public authentication 
key (PUAa) stored in said protected memory (fig. 4); 

said cryptographic calculation module comprising: 

means for calculating a signature from said private authentication key, 
making it possible to calculate the signature of a certification request to certify a public 
key PUMa associated with a private encryption key PRMa, said private key PRMa 
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generated by said signature calculation means being stored in said externally 
accessible protected memory, said signature of the certification request being a 
function of the identification number of said on-board system (col. 16, lines 10-25; col. 
19, line 56 - col. 20, line 4; col. 3, lines 34-39), said signature calculation means 
making it possible to transmit to a certification authority a certification request message 
containing said certification request and said signature (col. 16, lines 10-25), which 
allows said certification authority to verify the source of the certification request from 
said on-board system and the protection of said private authentication key and private 
encryption key in said externally accessible protected memory using only public 
elements, such as said public authentication key PUAa (fig. 10). 

Matyas does not disclose that the private authentication key (PRAa) is a 
diversified private key. Austin discloses generating a private authentication key for a 
smart card to perform cryptographic functions, the private authentication key being a 
diversified private key (col. 3, lines 17-33; fig. 5). It would have been obvious to one of 
ordinary skill in the art at the time the invention was made to modify the Matyas method 
such that the private authentication key is a diversified private key, as taught by Austin. 
The motivation for doing so would have been to verify that any member using its 
diversified private key is a legitimate member of the group (col. 3, lines 50-54). 

Matyas does not disclose that the diversified private key is generated from a 
mother private key and the device ID. Yuval discloses a method for generating mother 
public and private keys and generating a diversified private key for an entity from the 
mother private key and information unique to that entity, the diversified private key being 
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used to decrypt data encrypted with the mother public key (figures 5A-5C). It would 
have been obvious to one of ordinary skill in the art at the time the invention was made 
to modify the method of Matyas further such that the diversified private key is generated 
from a mother private key and information unique to the on-board system, as taught by 
Yuval; accordingly, the unique information being the device ID. The motivation for doing 
so would have been that software encrypted using a single encryption key could be 
decrypted using multiple decryption keys, each of which is unique to a particular user 
(col. 2, lines 64-67). 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Minh Dinh whose telephone number is 703-306-5617. 
The examiner can normally be reached on Mon - Fri: 9:00 am - 5:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 703-305-1830. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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